Lucene search

MitreCVE-2009-3854

HistoryNov 04, 2009 - 3:30 p.m.

CVE-2009-3854

2009-11-0415:30:00

CWE-119

mitre

web.nvd.nist.gov

cve-2009-3854

buffer overflow

ibm tivoli storage manager

tsm

remote code execution

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

Low

EPSS

0.121

Percentile

95.4%

JSON

Buffer overflow in the traditional client scheduler in the client in IBM Tivoli Storage Manager (TSM) 5.3 before 5.3.6.7 and 5.4 before 5.4.2 allows remote attackers to execute arbitrary code via unspecified vectors.

Affected configurations

Nvd

Node

ibmtivoli_storage_managerMatch5.2.5.3

ibmtivoli_storage_managerMatch5.3

ibmtivoli_storage_managerMatch5.3.0

ibmtivoli_storage_managerMatch5.3.1

ibmtivoli_storage_managerMatch5.3.2

ibmtivoli_storage_managerMatch5.3.2.4

ibmtivoli_storage_managerMatch5.3.3

ibmtivoli_storage_managerMatch5.3.4

ibmtivoli_storage_managerMatch5.3.5.1

ibmtivoli_storage_managerMatch5.3.6.1

ibmtivoli_storage_managerMatch5.3.6.2

ibmtivoli_storage_managerMatch5.3.6.3

ibmtivoli_storage_managerMatch5.3.6.4

ibmtivoli_storage_managerMatch5.3.6.5

ibmtivoli_storage_managerMatch5.3.6.6

ibmtivoli_storage_managerMatch5.4.0

ibmtivoli_storage_managerMatch5.4.1

ibmtivoli_storage_managerMatch5.5.0

VendorProductVersionCPE
ibmtivoli_storage_manager5.2.5.3cpe:2.3:a:ibm:tivoli_storage_manager:5.2.5.3:*:*:*:*:*:*:*
ibmtivoli_storage_manager5.3cpe:2.3:a:ibm:tivoli_storage_manager:5.3:*:*:*:*:*:*:*
ibmtivoli_storage_manager5.3.0cpe:2.3:a:ibm:tivoli_storage_manager:5.3.0:*:*:*:*:*:*:*
ibmtivoli_storage_manager5.3.1cpe:2.3:a:ibm:tivoli_storage_manager:5.3.1:*:*:*:*:*:*:*
ibmtivoli_storage_manager5.3.2cpe:2.3:a:ibm:tivoli_storage_manager:5.3.2:*:*:*:*:*:*:*
ibmtivoli_storage_manager5.3.2.4cpe:2.3:a:ibm:tivoli_storage_manager:5.3.2.4:*:*:*:*:*:*:*
ibmtivoli_storage_manager5.3.3cpe:2.3:a:ibm:tivoli_storage_manager:5.3.3:*:*:*:*:*:*:*
ibmtivoli_storage_manager5.3.4cpe:2.3:a:ibm:tivoli_storage_manager:5.3.4:*:*:*:*:*:*:*
ibmtivoli_storage_manager5.3.5.1cpe:2.3:a:ibm:tivoli_storage_manager:5.3.5.1:*:*:*:*:*:*:*
ibmtivoli_storage_manager5.3.6.1cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	tivoli_storage_manager	5.2.5.3	cpe:2.3:a:ibm:tivoli_storage_manager:5.2.5.3:::::::*
ibm	tivoli_storage_manager	5.3	cpe:2.3:a:ibm:tivoli_storage_manager:5.3:::::::*
ibm	tivoli_storage_manager	5.3.0	cpe:2.3:a:ibm:tivoli_storage_manager:5.3.0:::::::*
ibm	tivoli_storage_manager	5.3.1	cpe:2.3:a:ibm:tivoli_storage_manager:5.3.1:::::::*
ibm	tivoli_storage_manager	5.3.2	cpe:2.3:a:ibm:tivoli_storage_manager:5.3.2:::::::*
ibm	tivoli_storage_manager	5.3.2.4	cpe:2.3:a:ibm:tivoli_storage_manager:5.3.2.4:::::::*
ibm	tivoli_storage_manager	5.3.3	cpe:2.3:a:ibm:tivoli_storage_manager:5.3.3:::::::*
ibm	tivoli_storage_manager	5.3.4	cpe:2.3:a:ibm:tivoli_storage_manager:5.3.4:::::::*
ibm	tivoli_storage_manager	5.3.5.1	cpe:2.3:a:ibm:tivoli_storage_manager:5.3.5.1:::::::*
ibm	tivoli_storage_manager	5.3.6.1	cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.1:::::::*

Rows per page:

1-10 of 181

References

secunia.com/advisories/32534

securitytracker.com/id?1023136

www-01.ibm.com/support/docview.wss?uid=swg1IC61058

www-01.ibm.com/support/docview.wss?uid=swg21405562

www.vupen.com/english/advisories/2009/3132

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

Low

EPSS

0.121

Percentile

95.4%

JSON

Related for CVE-2009-3854